Search criteria
5 vulnerabilities found for RSA by RustCrypto
CVE-2026-21895 (GCVE-0-2026-21895)
Vulnerability from nvd – Published: 2026-01-08 14:06 – Updated: 2026-01-08 15:55
VLAI?
Title
rsa crate has potential panic on a prime being equal to 1
Summary
The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is `1`. Version 0.9.10 fixes the issue.
Severity ?
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RustCrypto | RSA |
Affected:
< 0.9.10
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21895",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-08T14:52:10.453165Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T15:55:13.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RSA",
"vendor": "RustCrypto",
"versions": [
{
"status": "affected",
"version": "\u003c 0.9.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is `1`. Version 0.9.10 fixes the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T14:06:29.288Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-9c48-w39g-hm26",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-9c48-w39g-hm26"
},
{
"name": "https://github.com/RustCrypto/RSA/commit/2926c91bef7cb14a7ccd42220a698cf4b1b692f7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RustCrypto/RSA/commit/2926c91bef7cb14a7ccd42220a698cf4b1b692f7"
}
],
"source": {
"advisory": "GHSA-9c48-w39g-hm26",
"discovery": "UNKNOWN"
},
"title": "rsa crate has potential panic on a prime being equal to 1"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-21895",
"datePublished": "2026-01-08T14:06:29.288Z",
"dateReserved": "2026-01-05T17:24:36.929Z",
"dateUpdated": "2026-01-08T15:55:13.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49092 (GCVE-0-2023-49092)
Vulnerability from nvd – Published: 2023-11-28 20:57 – Updated: 2024-11-27 16:03
VLAI?
Title
RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels
Summary
RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer.
Severity ?
5.9 (Medium)
CWE
- CWE-385 - Covert Timing Channel
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RustCrypto | RSA |
Affected:
<= 0.9.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:46:28.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr"
},
{
"name": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-27T16:03:39.720474Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T16:03:51.520Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RSA",
"vendor": "RustCrypto",
"versions": [
{
"status": "affected",
"version": "\u003c= 0.9.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-385",
"description": "CWE-385: Covert Timing Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T22:50:31.056Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr"
},
{
"name": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643"
}
],
"source": {
"advisory": "GHSA-c38w-74pg-36hr",
"discovery": "UNKNOWN"
},
"title": "RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-49092",
"datePublished": "2023-11-28T20:57:06.739Z",
"dateReserved": "2023-11-21T18:57:30.429Z",
"dateUpdated": "2024-11-27T16:03:51.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-21895 (GCVE-0-2026-21895)
Vulnerability from cvelistv5 – Published: 2026-01-08 14:06 – Updated: 2026-01-08 15:55
VLAI?
Title
rsa crate has potential panic on a prime being equal to 1
Summary
The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is `1`. Version 0.9.10 fixes the issue.
Severity ?
CWE
- CWE-703 - Improper Check or Handling of Exceptional Conditions
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RustCrypto | RSA |
Affected:
< 0.9.10
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21895",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-08T14:52:10.453165Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T15:55:13.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RSA",
"vendor": "RustCrypto",
"versions": [
{
"status": "affected",
"version": "\u003c 0.9.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The `rsa` crate is an RSA implementation written in rust. Prior to version 0.9.10, when creating a RSA private key from its components, the construction panics instead of returning an error when one of the primes is `1`. Version 0.9.10 fixes the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T14:06:29.288Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-9c48-w39g-hm26",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-9c48-w39g-hm26"
},
{
"name": "https://github.com/RustCrypto/RSA/commit/2926c91bef7cb14a7ccd42220a698cf4b1b692f7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RustCrypto/RSA/commit/2926c91bef7cb14a7ccd42220a698cf4b1b692f7"
}
],
"source": {
"advisory": "GHSA-9c48-w39g-hm26",
"discovery": "UNKNOWN"
},
"title": "rsa crate has potential panic on a prime being equal to 1"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-21895",
"datePublished": "2026-01-08T14:06:29.288Z",
"dateReserved": "2026-01-05T17:24:36.929Z",
"dateUpdated": "2026-01-08T15:55:13.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49092 (GCVE-0-2023-49092)
Vulnerability from cvelistv5 – Published: 2023-11-28 20:57 – Updated: 2024-11-27 16:03
VLAI?
Title
RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels
Summary
RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer.
Severity ?
5.9 (Medium)
CWE
- CWE-385 - Covert Timing Channel
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RustCrypto | RSA |
Affected:
<= 0.9.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:46:28.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr"
},
{
"name": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-27T16:03:39.720474Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T16:03:51.520Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RSA",
"vendor": "RustCrypto",
"versions": [
{
"status": "affected",
"version": "\u003c= 0.9.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-385",
"description": "CWE-385: Covert Timing Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T22:50:31.056Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr"
},
{
"name": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643"
}
],
"source": {
"advisory": "GHSA-c38w-74pg-36hr",
"discovery": "UNKNOWN"
},
"title": "RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-49092",
"datePublished": "2023-11-28T20:57:06.739Z",
"dateReserved": "2023-11-21T18:57:30.429Z",
"dateUpdated": "2024-11-27T16:03:51.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2023-49092
Vulnerability from fkie_nvd - Published: 2023-11-28 21:15 - Updated: 2024-11-21 08:32
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rustcrypto | rsa | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rustcrypto:rsa:*:*:*:*:*:rust:*:*",
"matchCriteriaId": "248AAFCD-E795-48F3-AC41-468B1E2EB267",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer."
},
{
"lang": "es",
"value": "RustCrypto/RSA es una implementaci\u00f3n RSA port\u00e1til en Rust puro. Debido a una implementaci\u00f3n de tiempo no constante, la informaci\u00f3n sobre la clave privada se filtra a trav\u00e9s de informaci\u00f3n de tiempo que es observable en la red. Un atacante puede utilizar esa informaci\u00f3n para recuperar la clave. Actualmente no hay ninguna soluci\u00f3n disponible. Como workaround, evite utilizar la caja RSA en entornos donde los atacantes puedan observar informaci\u00f3n de tiempo, por ejemplo, el uso local en una maquina no comprometida."
}
],
"id": "CVE-2023-49092",
"lastModified": "2024-11-21T08:32:48.380",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-28T21:15:08.530",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-385"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}